초록

Suppose that an organization Os wants to do the following: to reveal only part of its network map; to filter unwanted traffic passing through its network; and to route, to the right destination, legitimate traffic intended for hidden parts of its network. This would enable Os to perform traffic filtering and routing with improved resistance against network mapping attacks. This paper proposes a provably-secure hierarchical identity-based group signature scheme which meets the above requirements, and is scalable to large, distributed, and hierarchically-structured networks.